Manualshelf

H3C S7500E Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
801802803804805806807808809810
Operation Manual – 802.1x - MAC Authentication
H3C S7500E Series Ethernet Switches Chapter 1 802.1x Configuration
1-5
II. EAP Packet Format
An EAPOL frame of the type of EAP-Packet carries an EAP packet in its Packet body
field. The format of the EAP packet is shown in
Figure 1-4.
015
Code
Data
Length
7
Identifier
2
4
N
Figure 1-4 EAP packet format
z Code: Type of the EAP packet, which can be Request, Response, Success, or
Failure.
An EAP packet of the type of Success or Failure has no Data field, and has a length of
4.
An EAP packet of the type of Request or Response has a Data field in the format shown
in
Figure 1-5. The Type field indicates the EAP authentication type. A value of 1
represents Identity, indicating that the packet is for querying the identity of the
supplicant. A value of 4 represents MD5-Challenge, which corresponds closely to the
PPP CHAP protocol.
Figure 1-5 Format of the Data field in an EAP request/response packet
z Identifier: Allows matching of responses with requests.
z Length: Length of the EAP packet, including the Code, Identifier, Length, and Data
fields, in bytes.
z Data: Content of the EAP packet. This field is zero or more bytes and its format is
determined by the Code field.
1.1.4 EAP Encapsulation over RADIUS
Two attributes of RADIUS are intended for supporting EAP authentication:
EAP-Message and Message-Authenticator. For information about RADIUS packet
format, refer to AAA RADIUS HWTACACS Configuration.
I. EAP-Message
The EAP-Message attribute is used to encapsulate EAP packets. Figure 1-6 shows its
encapsulation format. The value of the Type field is 79. The String field can be up to 253